Upgrade the project to .net 8.0 and fix high security vulnerabilities (one failing test remaining)

[DamirTomic]

Hi, I wanted to fix a dependency that is rated a high-security vulnerability, but in order to do that I had to make significant upgrades to the project, such as upgrading it to .net 8.0. I hope you're ok with that, if not, we can discuss.

There is 1 test that's failing but I think the test is incorrectly written. I can fix it we agree on a solution
a) test shouldn't throw an exception if you pass a valid string but the file doesn't exist
b) test should throw a filenotfound exception or something like that if the string exists but the file path doesn't
c) other ?

[toddams]

Hey Damir

Thans for your PR, it's very valuable missing piece we had. However, because you replaced tabs with spaces on certain files (but not all of them, though) - it completely messed up the diff, and it's hard to tell what was changed without going line by line.

Also, dropping netstandard is going to make library unusable for some people, which I'd like to avoid. Are you sure there is no way to have updated packages without vulnerabilities without dropping it?

I also noticed, that #if directives for runtime-specific areas were not changed

[DamirTomic]

Ok, let me see if I can make this work with .net standard, and I'll fix the other things as well.

[gumbarros]

Any plans to merge this?

[toddams]

Of course, as soon as all PR comments will be addressed

[Elinares-82]

Of course, as soon as all PR comments will be addressed

Hi, why the package has to have net standard since the net standard is deprecated? We are now in .net and this library is getting old. Please move to the latest net version, however, we will be forced to move to another library or create a new one. Also, this library has security vulnerabilities.

[toddams]

This is an open source project, mainly driven by the community PRs at this point. There are ways to achieve what library offers using official API. Yet you are acting like you are paying for it and demanding some actions. If you are unsatisfied, or project doesn’t meet your needs - feel free to submit a PR or fork it and adjust accordingly. But don’t get it twisted, we are not obliged to anything here.

[Elinares-82]

But don’t get it twisted, we are not obliged to anything here.

Hi, my apologies if my comment was taken as a rude one, but this is just a comment or suggestion, since the net is now in version 9. I'm not paying and also, I'm using the package and thanks for that, but as a maintainer the community is asking for a package update. And finally, yes you are not obliged to anything here, but it is not necessary to say it.